Russia-linked crypto threat actor involved in political spoofing tracked
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
A Russia-linked threat actor is deploying domains for crypto scams targeting the US Presidential Election and prominent tech brands. The scams involve fake Bitcoin and Ethereum giveaways, asking users to send coins to attacker-controlled wallets with false promises of doubling returns. A large cluster of domains featuring US political figures, business leaders, and global brands has been discovered, using counterfeit legal letters from US agencies to add legitimacy. Targets include Donald Trump, Kamala Harris, Tim Cook, Elon Musk, and others. The campaign involves spoofed websites, CAPTCHA protection, and chat functions. Some domains feature Russian language content. The threat actor uses Cloudflare for hosting and has registered domains with a Russian email address.
OPENCTI LABELS:
phishing, cryptocurrency, political spoofing, us elections